Tesir

Privacy Policy

DCBA CONSULTING LTD. • TESIR.IO PLATFORM • PRIVACY POLICY

DCBA CONSULTING LTD.
TESIR.IO PLATFORM
PRIVACY POLICY

This Privacy Policy has been prepared pursuant to the Turkish Personal Data Protection Law No. 6698 ("GDPR"), Law No. 5651 and applicable legislation, in order to explain the principles and procedures regarding the processing of personal data of individuals who use the Tesir.io platform, website and all related digital platforms (the "Platform") operated by DCBA Danışmanlık Limited Şirketi (the "Company", "Tesir.io"). The Company processes your personal data lawfully and fairly, accurately and, where necessary, up to date, for specific, explicit and legitimate purposes, in a manner that is relevant, limited and proportionate to the purpose, and takes the necessary technical and administrative security measures.

1. Data Controller

Under GDPR, the data controller is DCBA Danışmanlık Limited Şirketi. Contact details are as follows:

  • Email: support@tesir.io
  • Website: https://tesir.io
  • Address: Ferko Signature No: 175/7 Şişli / İstanbul / Turkey

2. Automatically Collected Data and Obligations Under Law No. 5651

When you visit and use the Platform, certain data is processed automatically for purposes such as ensuring system security, service continuity, preventing misuse and fulfilling legal obligations. Such data may include IP address, connection time and duration, session information, device and browser information, access logs and platform usage information. Under Law No. 5651 and related legislation, as a hosting provider, traffic data and access logs may be retained for a certain period and shared upon request of authorized institutions. This processing is carried out based on GDPR Article 5/2-ç (compliance with a legal obligation) and GDPR Article 5/2-f (legitimate interest of the data controller).

3. Personal Data Provided by the User

If you use the Platform, create an account or contact us, some personal data you provide may be processed. This may include name, surname, email address, information regarding Platform use, content generation and sharing records, and support request information. Such data is processed for providing Platform services, creating and managing the user account, conducting user support processes and improving service quality. Tesir.io does not store users’ credit card information; payment transactions are carried out by secure payment service providers.

4. Purposes of Processing Personal Data

Your personal data is processed for purposes such as providing Platform services, creating and managing user accounts, ensuring platform security, preventing unauthorized access, providing technical support, responding to user requests, improving platform performance, improving services, conducting information security processes, and fulfilling legal obligations. If you have given explicit consent, informational messages and service-related announcements may be sent to you.

5. LinkedIn API Integration and Processing of LinkedIn Data

Tesir.io may integrate with the LinkedIn platform. Within the scope of this integration, data obtained via the LinkedIn API is processed only with the user’s explicit authorization and solely for providing Tesir.io platform services.

LinkedIn data is used for the following purposes:

  • providing services to the user,
  • performing platform functions requested by the user,
  • ensuring platform security.

Tesir.io does not sell, rent, share for commercial purposes, or disclose LinkedIn API data to unauthorized third parties. If the user (i) revokes LinkedIn authorization, (ii) deletes their Tesir.io account, or (iii) submits a data deletion request, personal data obtained via the LinkedIn API will be deleted from our systems or anonymized within a maximum of ten (10) days.

6. Processing Purposes and Transfers

Your personal data may be processed for purposes including providing services, account management, ensuring platform security, preventing unauthorized access, responding to requests, technical support, performance improvements, service quality improvements, information security processes, and compliance with legal obligations. With your explicit consent, informational and service announcements may be sent.

In accordance with Articles 8 and 9 of GDPR, your personal data may be shared, to the extent necessary, with the following recipient groups for purposes such as responding to communication requests, fulfilling contractual obligations, providing services, ensuring platform security, improving user experience and system performance, fulfilling legal obligations, and carrying out business processes:

  • technical infrastructure providers,
  • cloud service providers,
  • hosting providers,
  • analytics and technical service providers,
  • security and software service providers,
  • and authorized public institutions and organizations as required by law.

Personal data may be transferred domestically or, where legal conditions are met, abroad, with appropriate security measures. Tesir.io never sells, rents or shares your personal data for commercial purposes.

7. Data Security and Technical Measures

Tesir.io applies technical and administrative security measures in line with up-to-date technology to ensure the security of personal data. Encryption technologies such as SSL and TLS are used to protect information during transmission. Access to the Platform is restricted via role-based authorization and only authorized personnel are permitted. Our systems are protected by firewalls, intrusion detection systems and log monitoring mechanisms. User passwords are stored in an irreversibly encrypted form and no one, including Tesir.io personnel, can access them. Server and database security are regularly audited and technical protections against unauthorized access are applied. Security monitoring, access logging and system security checks are performed regularly to prevent data breaches.

8. Data Retention Period

Your personal data is stored for the period necessary for the purpose of processing and for the periods stipulated in applicable legislation. Upon the expiry of the retention period or when the purpose of processing ceases to exist, personal data is deleted, destroyed or anonymized. Data obtained via the LinkedIn API is deleted or anonymized within a maximum of 10 days upon user request or revocation of authorization.

9. Cookies

The Platform may use cookies and similar technologies for proper functioning of the service, ensuring security and improving user experience. Detailed information about cookies is provided in the separate Cookie Policy.

10. Data Subject Rights

Under Article 11 of GDPR, data subjects have rights including learning whether their personal data is processed, requesting information if processed, learning the purpose of processing, requesting rectification, requesting deletion, and claiming compensation for damages arising from unlawful processing. You may submit your requests to support@tesir.io. Your applications will be finalized within a maximum of thirty (30) days.